Bug 1730174 - Containers with volume mappings cause traceback: KeyError: 'source'
Summary: Containers with volume mappings cause traceback: KeyError: 'source'
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: udica
Version: 30
Hardware: x86_64
OS: Linux
high
high
Target Milestone: ---
Assignee: Lukas Vrabec
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-16 05:05 UTC by Ira Malinich
Modified: 2019-07-20 02:33 UTC (History)
1 user (show)

Fixed In Version: udica-0.1.8-1.fc30
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-07-20 02:33:38 UTC


Attachments (Terms of Use)

Description Ira Malinich 2019-07-16 05:05:35 UTC
Description of problem:
On all of the images I've tried, if I create a relatively innocent volume mapping, udica fails with a traceback error.


Version-Release number of selected component (if applicable):
udica-0.1.7-1.fc30.noarch


How reproducible:
Consistently


Steps to Reproduce:
1. Get an image.
podman pull github.io/library/fedora

2. Create the container with a volume mapping like this:
$ podman run --detach --tty --name=fedora-user \
        -v /home/thub/Downloads:/downloads:ro \
        docker.io/library/fedora

3. Get the json data.
$ podman inspect fedora-user > fedora-user.json

4. Run udica.
$ udica -j fedora-user.json container_fedora_user


Actual results:
Traceback (most recent call last):
  File "/usr/bin/udica", line 11, in <module>
    load_entry_point('udica==0.1.7', 'console_scripts', 'udica')()
  File "/usr/lib/python3.7/site-packages/udica/__main__.py", line 109, in main
    create_policy(opts, container_caps, container_mounts, container_ports)
  File "/usr/lib/python3.7/site-packages/udica/policy.py", line 131, in create_policy
    if not item['source'].find("/"):
KeyError: 'source'


Expected results:
Creates an SELinux policy to be imported into the system.

Additional info:
I get the same behaviour using rooted podman and rootless podman.

Comment 1 Lukas Vrabec 2019-07-16 07:35:39 UTC
Hi Ira, 

This issue in udica is caused by new podman version (podman-1.4.0+). It's already fixed in fedora packages for udica are in updates-testing repository. Here is a update page: 
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9b39f10dbe

You can install udica-0.1.8-1.fc30 using:
$ sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2019-9b39f10dbe


Feel free to add karma after testing this package. 

Thanks,
Lukas.

Comment 2 Fedora Update System 2019-07-16 07:41:15 UTC
FEDORA-2019-9b39f10dbe has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-9b39f10dbe

Comment 3 Ira Malinich 2019-07-17 07:01:24 UTC
The update works fine for me.  Karma was added.

Comment 4 Lukas Vrabec 2019-07-17 07:43:44 UTC
Thanks for feedback.

Comment 5 Fedora Update System 2019-07-20 02:33:38 UTC
udica-0.1.8-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.